[9c. Adversarial ML] Why the adversarial training algorithm works ?
Hi,
I wonder why the algorithm to train a robust models works (at the end of the slides of lecture 9c).
I have the intuition that it should work because as we train on many adversarial examples, we should cover enough of such example so that our model "know" them and can deal with adversarial examples similar to them.
Is it a correct intuition or does this training do more than just learning how to deal with some "bad examples" ?
[9c. Adversarial ML] Why the adversarial training algorithm works ?
Hi,
I wonder why the algorithm to train a robust models works (at the end of the slides of lecture 9c).
I have the intuition that it should work because as we train on many adversarial examples, we should cover enough of such example so that our model "know" them and can deal with adversarial examples similar to them.
Is it a correct intuition or does this training do more than just learning how to deal with some "bad examples" ?
Thanks in advance for your attention
Yeah, I think this is a good intuition. You kind of ‘add those examples’ to the training set.
2
Add comment